ext/ldap: Fix GH-16136 (Memory leak in php_ldap_do_modify())

Author: Girgias

ext/ldap/ldap.c

@@ -2154,6 +2154,11 @@ static void php_ldap_do_modify(INTERNAL_FUNCTION_PARAMETERS, int oper, int ext)
 			while (i >= 0) {
 				if (ldap_mods[i]->mod_type) {
 					efree(ldap_mods[i]->mod_type);
+					/* Free attribute values */
+					for (j = 0; j < num_berval[i]; j++) {
+						efree(ldap_mods[i]->mod_bvalues[j]);
+					}
+					efree(ldap_mods[i]->mod_bvalues);
 				}
 				efree(ldap_mods[i]);
 				i--;

ext/ldap/tests/gh16136.phpt

@@ -0,0 +1,30 @@
+--TEST--
+Bug GH-16136: Memory leak in php_ldap_do_modify() when entry is not a proper dictionary
+--EXTENSIONS--
+ldap
+--FILE--
+<?php
+
+/* ldap_add(_ext)(), ldap_mod_replace(_ext)(), ldap_mod_add(_ext)(), and ldap_mod_del(_ext)() share an underlying C function */
+/* We are assuming 3333 is not connectable */
+$ldap = ldap_connect('ldap://127.0.0.1:3333');
+$valid_dn = "cn=userA,something";
+
+$not_dict_of_attributes = [
+    'attribute1' => 'value',
+    'not_key_entry',
+    'attribute3' => [
+        'value1',
+        'value2',
+    ],
+];
+try {
+    var_dump(ldap_add($ldap, $valid_dn, $not_dict_of_attributes));
+} catch (Throwable $e) {
+    echo $e::class, ': ', $e->getMessage(), PHP_EOL;
+}
+
+?>
+--EXPECTF--
+Warning: ldap_add(): Unknown attribute in the data in %s on line %d
+bool(false)